Not only this, but depending on how the products work, they may not even be compatible with each other. For example, if one product uses the same method as another product to intercept the actions then they may end up overriding each other, preventing one of the products from functioning properly.
Anyway, AdroxideHIPS is more of a mixed set, therefore the Behavior Blocker/HIPS is mixed into one component; some of the functionality which can be enabled fits the description of HIPS more than BB (e.g. preventing host file modifications, preventing AutoRun modifications, etc.), whereas other features fit the description of a BB more than HIPS (e.g. preventing process injection attacks, preventing suspicious file modifications (part of anti-ransomware), preventing master boot record modifications, etc.). Depending on the behavior which is being intercepted will depend on the alert style: if the behavior fits the description of HIPS more than BB then the user will be notified of "suspicious" activity and the alert can be an amber color to represent this, whereas if the behavior is more dangerous and fits the description of a BB than HIPS, the alert can be red to symbolize danger.
Thank you, hopefully it will be better than anything you've seen before. I will have a database of Trusted Publishers/genuinely clean software and this can be applied to the white-list, and eventually a cloud network for program lookup queries - this will be beneficial to reduce the alerts the user will be getting when they use new software, because nothing is more annoying than having to go through a ton of alerts for software that is clean... But of course I can make it so the user can disable the auto-white-list, and the rules for any program can be changed at any time from the white-list tab so it's not a problem.
As for the dynamic heuristics, it's purpose isn't to sit there and ask you what you want to do on a certain action; it's purpose is to monitor how the program is operating and only interfere when behavior which can be linked to a specific threat type is identified (such as a worm, rootkit, trojan downloader, phishing, etc.). I guess the dynamic heuristics can also be known as being part of the "behavior blocker" component, however it's all really mixed together as a whole.
The dynamic heuristics hasn't had as much development time as the mixed BB/HIPS functionality, therefore much more work is needed for it... But once it's complete the results should be pretty neat. If it doesn't work well then I can simply drop it out of the program and introduce it at a later date after release, not a problem.
Thanks for taking an interest, if you have any more questions then feel free to shoot me a PM as I don't want to hijack this thread any more haha.